opkg: add patch to circumvent signature checks on the command line

Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 45285
2015-04-06 19:39:22 +00:00 · 2015-04-06 19:39:22 +00:00 · dde8214d16
commit dde8214d16
parent 3efd1303d8
1 changed files with 70 additions and 0 deletions
--- a/package/system/opkg/patches/210-add-force-signature.patch
+++ b/package/system/opkg/patches/210-add-force-signature.patch
@ -0,0 +1,70 @@
+--- a/libopkg/opkg_conf.h
+++ b/libopkg/opkg_conf.h
+@@ -80,6 +80,7 @@ struct opkg_conf
+      int force_remove;
+      int force_checksum;
+      int check_signature;
+     int force_signature;
+      int nodeps; /* do not follow dependencies */
+      int nocase; /* perform case insensitive matching */
+      char *offline_root;
+--- a/src/opkg-cl.c
+++ b/src/opkg-cl.c
+@@ -51,6 +51,7 @@ enum {
+ 	ARGS_OPT_NOCASE,
+ 	ARGS_OPT_AUTOREMOVE,
+ 	ARGS_OPT_CACHE,
+	ARGS_OPT_FORCE_SIGNATURE,
+ };
+ 
+ static struct option long_options[] = {
+@@ -87,6 +88,8 @@ static struct option long_options[] = {
+ 	{"force_remove", 0, 0, ARGS_OPT_FORCE_REMOVE},
+ 	{"force-checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
+ 	{"force_checksum", 0, 0, ARGS_OPT_FORCE_CHECKSUM},
+	{"force-signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
+	{"force_signature", 0, 0, ARGS_OPT_FORCE_SIGNATURE},
+ 	{"noaction", 0, 0, ARGS_OPT_NOACTION},
+ 	{"download-only", 0, 0, ARGS_OPT_DOWNLOAD_ONLY},
+ 	{"nodeps", 0, 0, ARGS_OPT_NODEPS},
+@@ -210,6 +213,9 @@ args_parse(int argc, char *argv[])
+         case ARGS_OPT_DOWNLOAD_ONLY:
+ 			conf->download_only = 1;
+ 			break;
+		case ARGS_OPT_FORCE_SIGNATURE:
+			conf->force_signature = 1;
+			break;
+ 		case ':':
+ 			parse_err = -1;
+ 			break;
+--- a/libopkg/opkg_install.c
+++ b/libopkg/opkg_install.c
+@@ -1306,13 +1306,15 @@ opkg_install_pkg(pkg_t *pkg, int from_up
+          if (opkg_verify_file (list_file_name, sig_file_name)){
+            opkg_msg(ERROR, "Failed to verify the signature of %s.\n",
+                            list_file_name);
+-           return -1;
+           if (!conf->force_signature)
+             return -1;
+          }
+        }else{
+          opkg_msg(ERROR, "Signature file is missing for %s. "
+                          "Perhaps you need to run 'opkg update'?\n",
+ 			 pkg->name);
+-         return -1;
+         if (!conf->force_signature)
+           return -1;
+        }
+ 
+        free (lists_dir);
+--- a/libopkg/opkg_cmd.c
+++ b/libopkg/opkg_cmd.c
+@@ -196,7 +196,7 @@ opkg_update_cmd(int argc, char **argv)
+                   else
+                       opkg_msg(NOTICE, "Signature check failed.\n");
+               }
+-              if (err) {
+              if (err && !conf->force_signature) {
+                   /* The signature was wrong so delete it */
+                   opkg_msg(NOTICE, "Remove wrong Signature file.\n");
+                   unlink (tmp_file_name);